What it Gives You
- Everything in Tensorflow Notebook
- PHP kernel
- Cling kernel
- Bash kernel
- Disabled authentication (INSECURE!)
The following commands starts a container with the Notebook server listening for HTTP connections on port 8888 without authentication configured.
git clone https://github.com/LordOfTheRats/Jupyter-docker.git cd jupyter-docker docker build -t jupyter-docker . docker run -d -p 8888:8888 jupyter-docker
The Docker container executes a
start-notebook.sh script script by default. The
start-notebook.sh script handles the
GRANT_SUDO features documented in the next section, and then executes the
You can pass Jupyter command line options through the
start-notebook.sh script when launching the container. For example, to secure the Notebook server with a password hashed using
IPython.lib.passwd(), run the following:
docker run -d -p 8888:8888 jupyter-docker start-notebook.sh --NotebookApp.password='sha1:74ba40f8a388:c913541b7ee99d15d5ed31d4226bf7838f83a50e'
For example, to set the base URL of the notebook server, run the following:
docker run -d -p 8888:8888 jupyter-docker start-notebook.sh --NotebookApp.base_url=/some/path
You can sidestep the
start-notebook.sh script and run your own commands in the container. See the Alternative Commands section later in this document for more information.
You may customize the execution of the Docker container and the command it is running with the following optional arguments.
-e PASSWORD="YOURPASS"- Configures Jupyter Notebook to require the given plain-text password. Should be combined with
USE_HTTPSon untrusted networks. Note that this option is not as secure as passing a pre-hashed password on the command line as shown above.
-e USE_HTTPS=yes- Configures Jupyter Notebook to accept encrypted HTTPS connections. If a
pemfile containing a SSL certificate and key is not provided (see below), the container will generate a self-signed certificate for you.
-e NB_UID=1000- Specify the uid of the
jovyanuser. Useful to mount host volumes with specific file ownership. For this option to take effect, you must run the container with
--user root. (The
su jovyanafter adjusting the user id.)
-e GRANT_SUDO=yes- Gives the
sudocapability. Useful for installing OS packages. For this option to take effect, you must run the container with
--user root. (The
su jovyanafter adding
jovyanto sudoers.) You should only enable
sudoif you trust the user or if the container is running on an isolated host.
-v /some/host/folder/for/work:/home/jovyan/work- Host mounts the default working directory on the host to preserve work even when the container is destroyed and recreated (e.g., during an upgrade).
-v /some/host/folder/for/server.pem:/home/jovyan/.local/share/jupyter/notebook.pem- Mounts a SSL certificate plus key for
USE_HTTPS. Useful if you have a real certificate for the domain under which you are running the Notebook server.
The notebook server configuration in this Docker image expects the
notebook.pem file mentioned above to contain a base64 encoded SSL key and at least one base64 encoded SSL certificate. The file may contain additional certificates (e.g., intermediate and root certificates).
If you have your key and certificate(s) as separate files, you must concatenate them together into the single expected PEM file. Alternatively, you can build your own configuration and Docker image in which you pass the key and certificate separately.
For additional information about using SSL, see the following:
- The docker-stacks/examples for information about how to use Let's Encrypt certificates when you run these stacks on a publicly visible domain.
- The jupyter_notebook_config.py file for how this Docker image generates a self-signed certificate.
- The Jupyter Notebook documentation for best practices about running a public notebook server in general, most of which are encoded in this image.
The default Python 3.x Conda environment resides in
/opt/conda. The commands
conda (among others) are available in this environment.
You can bypass the provided scripts and specify your an arbitrary start command. If you do, keep in mind that certain features documented above will not function (e.g.,